Tripp Lite B092-016 - Remote Groups with LDAP Authentication

To Next Page

To Previous Page

141

Chapter 9: Authentication

FredWhite Cleartext-Password:=”WhiFre62”

  Framed-Filter-Id=”:group_name=testgroup1,users:”

JanetLong Cleartext-Password:=”LonJan57”

  Framed-Filter-Id=”:group_name=admin:”

• Additionallocalgroupssuchastestgroup1 can be added via Users & Groups: Serial & Network

9.1.8 Remote groups with LDAP authentication

UnlikeRADIUS,LDAPhasbuiltinsupportforgroupprovisioning,whichmakessettingupremotegroupseasier.Theconsole

serverwillretrievealistofalltheremotegroupsthattheuserisadirectmemberof,andcomparetheirnameswithlocal

groups on the Console Server.

Note: Any spaces in the group name will be converted to underscores.

Forexample,inanexistingActiveDirectorysetup,agroupofusersmaybepartofthe“UPS Admin”and“Router Admin”

groups.OntheConsoleServer,theseuserswillberequiredtohaveaccesstoagroup“Router_Admin”,withaccesstoport

1(connectedtotherouter),andanothergroup“UPS_Admin”,withaccesstoport2(connectedtotheUPS).OnceLDAPis

setup,usersthataremembersofeachgroupwillhavetheappropriatepermissionstoaccesstherouterandUPS.

Currently,theonlyLDAPdirectoryservicethatsupportsgroupprovisioningisMicrosoftActiveDirectory.Supportisplannedfor

OpenLDAPatalatertime.

ToenablegroupinformationtobeusedwithanLDAPserver:

• CompletetheeldsforstandardLDAPauthenticationincludingLDAPServerAddress,ServerPassword,LDAPBaseDN,

LDAPBindDNandLDAPUserNameAttribute

• EntermemberOfforLDAP Group Membership Attribute as group membership is currently only supported on Active

Directoryservers

• Ifrequired,enterthegroupinformationforLDAP Console Server Group DN and/or LDAP Administration Group DN

Other manuals for Tripp Lite B092-016